Vulnerabilities > Netapp > Snapmanager > High

DATE CVE VULNERABILITY TITLE RISK
2020-11-16 CVE-2020-26217 OS Command Injection vulnerability in multiple products
XStream before version 1.4.14 is vulnerable to Remote Code Execution.The vulnerability may allow a remote attacker to run arbitrary shell commands only by manipulating the processed input stream.
network
low complexity
xstream-project debian netapp apache oracle CWE-78
8.8
8.8
2020-07-15 CVE-2020-14664 Vulnerability in the Java SE product of Oracle Java SE (component: JavaFX).
network
high complexity
oracle netapp
8.3
8.3
2020-07-15 CVE-2020-14593 Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: 2D). 7.4
7.4
2020-07-15 CVE-2020-14583 Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Libraries). 8.3
8.3
2020-04-15 CVE-2020-2805 Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Libraries). 8.3
8.3
2020-04-15 CVE-2020-2803 Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Libraries). 8.3
8.3
2018-08-20 CVE-2018-1000632 XML Injection (aka Blind XPath Injection) vulnerability in multiple products
dom4j version prior to version 2.1.1 contains a CWE-91: XML Injection vulnerability in Class: Element.
network
low complexity
dom4j-project debian oracle redhat netapp CWE-91
7.5
7.5
2018-07-18 CVE-2018-2942 Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Windows DLL).
network
high complexity
oracle netapp
8.3
8.3
2018-06-22 CVE-2018-12538 Session Fixation vulnerability in multiple products
In Eclipse Jetty versions 9.4.0 through 9.4.8, when using the optional Jetty provided FileSessionDataStore for persistent storage of HttpSession details, it is possible for a malicious user to access/hijack other HttpSessions and even delete unmatched HttpSessions present in the FileSystem's storage for the FileSessionDataStore.
network
low complexity
eclipse netapp CWE-384
8.8
8.8
2018-04-19 CVE-2018-2826 Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Libraries).
network
high complexity
oracle canonical netapp
8.3
8.3